diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2007-05-02 21:08:50 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2007-05-02 21:08:50 +0000 |
| commit | 6b28ae8b2286e659785708e958a26befda88fa4b (patch) | |
| tree | 47f8f044ca745e196da289d18d373059763d98e7 /phpBB/includes | |
| parent | 15aee8920041aeaf3c9d8893341bc5470ec63ff8 (diff) | |
| download | forums-6b28ae8b2286e659785708e958a26befda88fa4b.tar forums-6b28ae8b2286e659785708e958a26befda88fa4b.tar.gz forums-6b28ae8b2286e659785708e958a26befda88fa4b.tar.bz2 forums-6b28ae8b2286e659785708e958a26befda88fa4b.tar.xz forums-6b28ae8b2286e659785708e958a26befda88fa4b.zip | |
some tiny changes
git-svn-id: file:///svn/phpbb/trunk@7452 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes')
| -rw-r--r-- | phpBB/includes/auth.php | 12 | ||||
| -rw-r--r-- | phpBB/includes/functions_user.php | 26 |
2 files changed, 21 insertions, 17 deletions
diff --git a/phpBB/includes/auth.php b/phpBB/includes/auth.php index de1b669eba..3b05652a87 100644 --- a/phpBB/includes/auth.php +++ b/phpBB/includes/auth.php @@ -486,8 +486,8 @@ class auth { global $db; - $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; - $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; + $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : ''; + $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : ''; $sql_opts = ''; @@ -628,8 +628,8 @@ class auth { global $db; - $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? "user_id = $user_id" : $db->sql_in_set('user_id', $user_id)) : ''; - $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; + $sql_user = ($user_id !== false) ? ((!is_array($user_id)) ? 'user_id = ' . (int) $user_id : $db->sql_in_set('user_id', array_map('intval', $user_id))) : ''; + $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : ''; $sql_opts = ''; @@ -682,8 +682,8 @@ class auth { global $db; - $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? "group_id = $group_id" : $db->sql_in_set('group_id', $group_id)) : ''; - $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND ' . $db->sql_in_set('a.forum_id', $forum_id)) : ''; + $sql_group = ($group_id !== false) ? ((!is_array($group_id)) ? 'group_id = ' . (int) $group_id : $db->sql_in_set('group_id', array_map('intval', $group_id))) : ''; + $sql_forum = ($forum_id !== false) ? ((!is_array($forum_id)) ? 'AND a.forum_id = ' . (int) $forum_id : 'AND ' . $db->sql_in_set('a.forum_id', array_map('intval', $forum_id))) : ''; $sql_opts = ''; diff --git a/phpBB/includes/functions_user.php b/phpBB/includes/functions_user.php index 457e286840..69990a9524 100644 --- a/phpBB/includes/functions_user.php +++ b/phpBB/includes/functions_user.php @@ -2468,27 +2468,32 @@ function group_user_attributes($action, $group_id, $user_id_ary = false, $userna return true; } - /** * A small version of validate_username to check for a group name's existence. To be called directly. */ -function group_validate_groupname($group_id, $groupname) +function group_validate_groupname($group_id, $group_name) { global $config, $db; - $groupname = utf8_clean_string($groupname); + $group_name = utf8_clean_string($group_name); if (!empty($group_id)) { $sql = 'SELECT group_name - FROM ' . GROUPS_TABLE . ' - WHERE group_id = ' . (int)$group_id; + FROM ' . GROUPS_TABLE . ' + WHERE group_id = ' . (int) $group_id; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); - - $allowed_groupname = utf8_clean_string($row['group_name']); - if ($allowed_groupname == $groupname) + + if (!$row) + { + return false; + } + + $allowed_groupname = utf8_clean_string($row['group_name']); + + if ($allowed_groupname == $group_name) { return false; } @@ -2496,7 +2501,7 @@ function group_validate_groupname($group_id, $groupname) $sql = 'SELECT group_name FROM ' . GROUPS_TABLE . " - WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($groupname)) . "'"; + WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($group_name)) . "'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $db->sql_freeresult($result); @@ -2505,11 +2510,10 @@ function group_validate_groupname($group_id, $groupname) { return 'GROUP_NAME_TAKEN'; } + return false; } - - /** * Set users default group * |